Page 1 of 1
VA Scan Vulnerability For NRPE 5666 on Windows Servers
Posted: Tue Sep 19, 2017 7:30 am
by sarfarosh
Hi Team,
As check_nt is giving physical+page memory. We are using check_nrpe to monitor windows physical memory usage but now we are getting vulnerabilities because of this. Please give some solution as its very critical issue and affecting the business.
Re: VA Scan Vulnerability For NRPE 5666 on Windows Servers
Posted: Tue Sep 19, 2017 9:25 am
by tmcdonald
NSClient (the agent on your Windows machine) is a third-party agent that can communicate with check_nrpe to run active checks. That is the agent giving you the SSL errors. I looked into their documentation and there are only a few SSL parameters you can configure:
https://docs.nsclient.org/reference/cli ... %20options
https://docs.nsclient.org/reference/cli ... ed-ciphers
but that should remedy most of the issues. The one pertaining to a self-signed certificate is obviously not something we can assist with, as you or your team generated that internally.
There is also a good article on NSClient security by the author here -
https://www.medin.name/blog/2012/12/02/ ... ntication/
What NSClient version are you running? Some of those options may or may not be available depending on your version.
To be clear, this report is not saying there is a vulnerability in the software, only that the SSL options supported may be weaker than more recent options.